4 matches found
CVE-2023-40219
Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory...
CVE-2023-40219
Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory...
CVE-2023-40219
CVE-2023-40219 affects Welcart e-Commerce (plugin version 2.7–2.8.21 ) where an user with editor or higher privileges can upload an arbitrary file to an unauthorized directory. The associated vulnerability entry notes an Authenticated (Editor+) Arbitrary File Upload with high impact (CVSS v3.1: A...
JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...